This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.mft File: TuwmeuLxv5Xm16FCCA5d96MTlJI.mft (raw, json) Hash identifier: b0ejopCSs4hCglrGzzbye7qmdcusD1bJLpT5ngdVGzs= Subject key identifier: 07:9C:82:0C:0F:B8:B1:9F:0C:6E:9B:4F:BE:BC:ED:6F:8A:68:AF:4C Authority key identifier: 4E:EC:26:7A:E2:F1:BF:95:E6:D7:A1:42:08:0E:5D:F7:A3:13:94:92 Certificate issuer: /CN=4eec267ae2f1bf95e6d7a142080e5df7a3139492 Certificate serial: 019B48825138F6AB1F93E6C9AE5D5FE6E6CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuwmeuLxv5Xm16FCCA5d96MTlJI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.mft Manifest number: 0C71 Signing time: Tue 23 Dec 2025 00:00:58 +0000 Manifest this update: Tue 23 Dec 2025 00:00:58 +0000 Manifest next update: Wed 24 Dec 2025 00:00:58 +0000 Files and hashes: 1: TuwmeuLxv5Xm16FCCA5d96MTlJI.crl (hash: Vm7w8K7u8kMusaTrZ09+J7ZD1SLf/sJGeEAe34P9zeI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.mft rsync://rpki.ripe.net/repository/DEFAULT/TuwmeuLxv5Xm16FCCA5d96MTlJI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 23:03:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:82:51:38:f6:ab:1f:93:e6:c9:ae:5d:5f:e6:e6:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4eec267ae2f1bf95e6d7a142080e5df7a3139492 Validity Not Before: Dec 23 00:00:58 2025 GMT Not After : Dec 24 00:00:58 2025 GMT Subject: CN=079c820c0fb8b19f0c6e9b4fbebced6f8a68af4c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:ef:59:0c:90:0d:99:dd:5b:1e:2d:18:fe:a7: 5c:48:9d:cf:6d:ba:27:4d:02:64:2f:86:1c:38:85: 0c:7f:22:ed:43:42:89:76:9b:1f:7c:ff:bc:d6:9a: 78:56:a8:a2:11:ba:af:96:d3:40:70:5c:5c:da:51: d0:69:55:87:6a:0e:f9:ea:17:dd:8d:f4:1b:86:07: 7b:26:13:c4:ce:da:da:ee:f4:0b:aa:6e:1a:89:87: 6c:e2:24:17:ba:87:21:4d:cf:27:bc:1a:92:cb:37: 06:cc:88:39:06:0d:e8:c5:35:c0:43:04:cc:4a:a7: 18:3e:78:af:5c:0e:38:65:f4:41:60:2c:ca:bd:17: fe:45:59:13:05:fb:28:bc:6a:3e:a0:19:33:de:5f: 67:ed:52:e0:b3:af:f9:cc:01:c8:b6:ec:de:c9:9c: f2:3a:2f:a2:07:f8:4a:2e:63:10:63:79:83:cb:1e: e7:ee:e3:13:48:79:57:7b:ca:58:aa:b7:8d:e2:fe: 16:6a:c0:1e:e0:b5:88:9d:58:20:e0:ae:d6:33:3a: 12:a1:39:05:bb:82:f5:95:bf:25:63:11:f8:36:cf: b1:6c:61:5b:71:92:54:ff:0c:64:0d:3c:04:9d:05: 16:52:6b:f7:7b:2e:be:f7:66:b1:84:13:59:e0:1f: 3f:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:9C:82:0C:0F:B8:B1:9F:0C:6E:9B:4F:BE:BC:ED:6F:8A:68:AF:4C X509v3 Authority Key Identifier: keyid:4E:EC:26:7A:E2:F1:BF:95:E6:D7:A1:42:08:0E:5D:F7:A3:13:94:92 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuwmeuLxv5Xm16FCCA5d96MTlJI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3a:08:7d:a2:aa:53:c1:23:10:e7:c4:52:c5:44:99:2b:13:c5: 3a:1c:1b:d6:49:23:a9:65:bc:92:32:00:89:e1:6b:d8:e0:e6: 3e:6d:39:de:7f:6e:e8:bd:8c:a2:a4:fd:64:ca:ab:62:99:bb: 3d:e6:09:a6:48:d9:ab:37:76:23:fe:71:5c:53:72:29:fa:34: f4:d1:b9:fe:54:4c:59:17:b1:64:1d:7f:42:fc:50:cb:13:c1: 97:58:25:e3:11:c4:f7:86:cc:22:a8:03:cf:4b:fb:72:e7:bf: 49:c6:25:c2:42:2c:13:eb:92:11:f2:5b:71:0c:10:7a:9d:f8: 4e:0b:ae:80:6d:84:4f:4c:52:58:80:ca:7f:61:15:8d:17:11: 3a:10:35:fe:24:93:66:73:c4:a0:45:f5:de:1a:4f:49:8f:56: 12:c9:d1:f2:46:d2:14:2d:97:ef:25:39:56:b2:e8:8c:70:59: 47:a9:e7:37:37:71:20:13:53:e6:70:08:99:1e:88:c0:79:51: 43:5e:b3:c0:d7:8d:a3:09:ae:e4:6a:4b:41:63:41:a7:31:48: c2:b5:d9:0a:03:3a:de:59:cc:9e:b0:d3:5c:9b:e3:06:fc:4d: 12:84:72:f0:b6:0a:23:1c:15:60:fc:0a:90:95:16:97:b3:57: fd:3b:82:d6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIglE49qsfk+bJrl1f5ubMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRlZWMyNjdhZTJmMWJmOTVlNmQ3YTE0MjA4MGU1ZGY3YTMx Mzk0OTIwHhcNMjUxMjIzMDAwMDU4WhcNMjUxMjI0MDAwMDU4WjAzMTEwLwYDVQQD EygwNzljODIwYzBmYjhiMTlmMGM2ZTliNGZiZWJjZWQ2ZjhhNjhhZjRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxO9ZDJANmd1bHi0Y/qdcSJ3Pbbon TQJkL4YcOIUMfyLtQ0KJdpsffP+81pp4VqiiEbqvltNAcFxc2lHQaVWHag756hfd jfQbhgd7JhPEztra7vQLqm4aiYds4iQXuochTc8nvBqSyzcGzIg5Bg3oxTXAQwTM SqcYPnivXA44ZfRBYCzKvRf+RVkTBfsovGo+oBkz3l9n7VLgs6/5zAHItuzeyZzy Oi+iB/hKLmMQY3mDyx7n7uMTSHlXe8pYqreN4v4WasAe4LWInVgg4K7WMzoSoTkF u4L1lb8lYxH4Ns+xbGFbcZJU/wxkDTwEnQUWUmv3ey6+92axhBNZ4B8/WQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAecggwPuLGfDG6bT7687W+KaK9MMB8GA1UdIwQY MBaAFE7sJnri8b+V5tehQggOXfejE5SSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVHV3bWV1THh2NVhtMTZGQ0NBNWQ5Nk1UbEpJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS82OGI0NjQtMjQ2MC00ZTUzLWFkZTMt NmI5NmM4MzYxMjY1LzEvVHV3bWV1THh2NVhtMTZGQ0NBNWQ5Nk1UbEpJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS82OGI0NjQtMjQ2MC00ZTUzLWFkZTMtNmI5NmM4MzYxMjY1 LzEvVHV3bWV1THh2NVhtMTZGQ0NBNWQ5Nk1UbEpJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOgh9oqpT wSMQ58RSxUSZKxPFOhwb1kkjqWW8kjIAieFr2ODmPm053n9u6L2MoqT9ZMqrYpm7 PeYJpkjZqzd2I/5xXFNyKfo09NG5/lRMWRexZB1/QvxQyxPBl1gl4xHE94bMIqgD z0v7cue/ScYlwkIsE+uSEfJbcQwQep34TguugG2ET0xSWIDKf2EVjRcROhA1/iST ZnPEoEX13hpPSY9WEsnR8kbSFC2X7yU5VrLojHBZR6nnNzdxIBNT5nAImR6IwHlR Q16zwNeNowmu5GpLQWNBpzFIwrXZCgM63lnMnrDTXJvjBvxNEoRy8LYKIxwVYPwK kJUWl7NX/TuC1g== -----END CERTIFICATE-----Generated at Tue Dec 23 03:17:22 2025 by rpki-client